Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/020559f8ead6543cefa7cedc60640acab1c528bb.roa
File:                     020559f8ead6543cefa7cedc60640acab1c528bb.roa (raw, json)
Hash identifier:          ncYND7umGbu7q9x2632fUal7gOEsotnpRgE5cpadPec=
Subject key identifier:   7B:4F:69:71:75:E5:DF:A1:29:18:46:53:D2:1D:95:05:B0:A8:0F:BD
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       12679F
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/020559f8ead6543cefa7cedc60640acab1c528bb.roa
Signing time:             Wed 29 Nov 2023 21:10:07 +0000
ROA not before:           Wed 29 Nov 2023 21:10:07 +0000
ROA not after:            Sat 29 Nov 2025 21:10:07 +0000
asID:                     272113
IP address blocks:        186.56.60.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1206175 (0x12679f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 21:10:07 2023 GMT
            Not After : Nov 29 21:10:07 2025 GMT
        Subject: CN=020559f8ead6543cefa7cedc60640acab1c528bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c0:5b:23:46:91:3a:c5:a4:be:49:fa:0c:a2:
                    24:53:1e:91:ae:56:e4:6a:7a:66:d1:c1:c2:bd:49:
                    60:3f:d6:fc:ee:e8:67:8d:c6:b0:ba:d8:fc:e3:e8:
                    00:9b:b2:65:f4:b4:7e:3d:6a:8f:33:45:e5:04:8a:
                    bd:30:15:12:57:14:66:a6:e4:da:83:c7:7f:c0:99:
                    d2:c2:c5:7f:7a:10:5d:94:46:60:e0:95:84:db:b9:
                    6f:c7:8a:d2:84:8a:f4:29:a8:5b:0f:26:bb:10:5d:
                    1f:e9:a6:3b:7a:67:e9:2b:4f:4f:8d:3b:21:69:93:
                    00:20:73:ef:19:10:5f:34:3f:3a:22:7e:a9:ac:48:
                    5a:23:78:dd:17:ec:10:3a:97:d4:11:f1:92:b1:95:
                    f8:bd:a9:f9:0b:8d:ba:d3:85:1d:72:4d:a8:cf:65:
                    5e:1e:95:00:06:af:66:9d:0d:a3:76:14:8c:61:a9:
                    64:76:2a:fc:5d:d4:b2:76:99:0f:4a:7b:14:81:63:
                    98:40:ae:82:c4:5d:8b:8e:4c:ac:7d:3d:b7:11:4c:
                    ff:c4:66:76:3c:64:ad:09:4c:0a:d8:d1:88:ff:7b:
                    5d:8f:f5:a4:09:4d:2b:73:94:52:87:91:5e:03:57:
                    36:d4:92:f7:0c:b6:5d:d2:09:ee:17:09:0f:d1:55:
                    82:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:4F:69:71:75:E5:DF:A1:29:18:46:53:D2:1D:95:05:B0:A8:0F:BD
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/020559f8ead6543cefa7cedc60640acab1c528bb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.56.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:25:2b:0f:a3:7d:c5:a2:51:dd:8f:4b:4e:bd:4f:1f:60:31:
         11:b9:e5:12:ec:47:90:43:2d:a0:8a:92:5e:db:ab:cf:65:88:
         67:03:9f:c6:77:2d:93:13:f7:69:7d:3c:f5:b5:59:b6:a3:e4:
         c7:44:be:fa:72:ea:56:c6:ec:25:ea:c7:e4:d1:dd:7a:63:77:
         69:7b:b2:11:d1:8d:6d:3c:fe:51:87:3a:bf:00:a9:10:27:2e:
         f2:28:be:42:4c:76:1a:ed:52:6a:af:c4:17:af:66:7b:9e:73:
         cc:10:e3:c2:59:59:ce:b7:12:cb:7c:9d:0a:56:01:26:8b:a4:
         29:12:1b:cd:b3:ce:e1:a6:5f:e1:30:ce:29:28:ed:51:c5:b7:
         3e:99:6e:0b:0a:0b:7f:34:81:62:6b:14:84:c1:17:1a:7a:ea:
         8f:63:1f:05:78:a0:0f:62:77:9a:e0:ef:b3:f9:f1:bc:ed:3c:
         fd:4b:a3:ed:f6:df:af:e6:9b:e3:74:ff:18:b6:6a:36:4d:61:
         23:a0:b8:70:57:0a:c9:16:c3:14:d8:7f:cc:38:cb:fb:56:d3:
         13:36:17:44:98:85:e0:bc:c8:81:44:33:8d:14:47:71:b6:83:
         0c:38:0c:2a:71:9f:f7:78:52:0f:48:a5:b7:4a:0b:bc:c1:d2:
         2f:26:2a:40
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEmefMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MjExMDA3WhcNMjUxMTI5MjExMDA3WjAzMTEwLwYDVQQDEygwMjA1NTlmOGVhZDY1
NDNjZWZhN2NlZGM2MDY0MGFjYWIxYzUyOGJiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAncBbI0aROsWkvkn6DKIkUx6Rrlbkanpm0cHCvUlgP9b87uhn
jcawutj84+gAm7Jl9LR+PWqPM0XlBIq9MBUSVxRmpuTag8d/wJnSwsV/ehBdlEZg
4JWE27lvx4rShIr0KahbDya7EF0f6aY7emfpK09PjTshaZMAIHPvGRBfND86In6p
rEhaI3jdF+wQOpfUEfGSsZX4van5C42604Udck2oz2VeHpUABq9mnQ2jdhSMYalk
dir8XdSydpkPSnsUgWOYQK6CxF2LjkysfT23EUz/xGZ2PGStCUwK2NGI/3tdj/Wk
CU0rc5RSh5FeA1c21JL3DLZd0gnuFwkP0VWCOQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHtPaXF15d+hKRhGU9IdlQWwqA+9MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzAyMDU1OWY4ZWFkNjU0M2NlZmE3Y2VkYzYwNjQwYWNhYjFjNTI4YmIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEALo4PDANBgkqhkiG9w0BAQsFAAOCAQEAGCUrD6N9xaJR3Y9L
Tr1PH2AxEbnlEuxHkEMtoIqSXturz2WIZwOfxnctkxP3aX089bVZtqPkx0S++nLq
VsbsJerH5NHdemN3aXuyEdGNbTz+UYc6vwCpECcu8ii+Qkx2Gu1Saq/EF69me55z
zBDjwllZzrcSy3ydClYBJoukKRIbzbPO4aZf4TDOKSjtUcW3PpluCwoLfzSBYmsU
hMEXGnrqj2MfBXigD2J3muDvs/nxvO08/Uuj7fbfr+ab43T/GLZqNk1hI6C4cFcK
yRbDFNh/zDjL+1bTEzYXRJiF4LzIgUQzjRRHcbaDDDgMKnGf93hSD0ilt0oLvMHS
LyYqQA==
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org